Bonum Certa Men Certa

Links 14/5/2020: Django 3.1 Alpha, Python 3.8 and GNU/Linux is Back in Munich



  • GNU/Linux

    • Audiocasts/Shows

    • Kernel Space

      • Popcorn Linux pops up on linux-kernel

        The end of April saw the posting of a complex patch set called "Popcorn Linux distributed thread execution". It is the first appearance on the kernel mailing lists of an academic project (naturally called Popcorn Linux) that has been underway since 2013 or so. This project has, among other goals, the objective of turning a tightly networked set of computers into something that looks like a single system — a sort of NUMA machine with even larger than usual inter-node costs. The posted code, which is a portion of the larger project, is focused on process migration and memory sharing across machines. It is an interesting proof of concept, but one should not expect to see it merged in anything close to its current form. Each node in a Popcorn system is a separate Linux host sitting on the network. Popcorn itself is started by loading a kernel module that is charged with connecting the larger system together. The module reads a list of IP addresses (IPv4 only) directly from a file (/etc/popcorn/nodes by default). Each machine will make a TCP connection to every node listed ahead of itself in this file, then wait for an incoming connection from every node listed afterward. Thereafter, each node is known by an integer ID which is simply its position in the nodes file.

        There is a hard-coded maximum of 62 nodes. No sort of authentication is done for incoming node connections, which might seem like a bit of a security issue; indeed, the patch set warns against running Popcorn on machines connected to the Internet. There does not seem to be any provision for nodes going up or down or being absent entirely. Comments in the patch set say that the TCP-based communication system "is intended for Popcorn testing and development purposes only", suggesting that, someday, somebody will get around to implementing something better.

      • Authenticated Btrfs

        Developers who are concerned about system integrity often put a fair amount of effort into ensuring that data stored on disk cannot be tampered with without being detected. Technologies like dm-verity and fs-verity are attempts to solve this problem, as is the recently covered integrity policy enforcement security module. More Recently, Johannes Thumshirn has posted a patch series adding filesystem-level authentication to Btrfs; it promises to provide integrity with a surprisingly small amount of code. Integrity-verification code at the filesystem or storage level generally works by calculating (and storing) checksums of each block of data. When it comes time to read that data, the checksum is calculated anew and compared to the stored value; if the two match, one can be confident that the data has not been modified (or corrupted by the hardware) since the checksum was calculated. If there is reason to believe that the stored checksum is what the creator of the data intended, then the data, too, should be as intended.

        Solutions like dm-verity and fs-verity work by storing checksums apart from the data; fs-verity, for example, places the checksum data in a hidden area past the end of the file. The developers of more modern filesystems, though, have generally taken the idea that storage devices are untrustworthy (if not downright malicious) to heart; as a result, they design the ability to calculate, store, and compare checksums into the filesystem from the beginning. Btrfs is one such filesystem; as can be seen from the on-disk format documentation, most structures on disk have a checksum built into them. Checksums for file data is stored in a separate tree. So much of the needed infrastructure is already there.

        Checksums in Btrfs, though, were primarily intended to catch corruption caused by storage hardware. The thing about hardware is that, while it can be creative indeed in finding new ways to mangle data, it's generally not clever enough to adjust checksums to match. Attackers tend to be a bit more thorough. So the fact that a block of data stored in a Btrfs filesystem matches the stored checksum does not, by itself, give much assurance that the data has not been messed with in a deliberate way.

        To gain that assurance, Btrfs needs to use a checksum that cannot readily be altered by an attacker. Btrfs already supports a number of checksum algorithms, but none of them have that property. So the key to adding the needed sort of authentication to Btrfs is to add another checksum algorithm with the needed assurance. Thumshirn chose to add an HMAC checksum based on SHA-256.

      • Atomic extent swapping for XFS

        Normally, files exist in a filesystem to keep data contained within them separated; seeing data exchanged directly between files is often a sign of filesystem corruption. There are, however, use cases where it is desirable to be able to perform a controlled swap of data between a pair of files. Darrick Wong has recently posted a patch set implementing this feature for the XFS filesystem, but also making it available in a general way.

        As it happens, XFS has had a data-swapping capability for some time: the rigorously undocumented XFS_IOC_SWAPEXT ioctl() command will exchange extents of data in two files. This feature exists for one purpose in particular: defragmentation of filesystems. The xfs_fsr utility does its job by scanning a filesystem for the most highly fragmented files — those that are split up into the largest number of extents. It then creates a new file with a single extent large enough to hold one of the fragmented files and copies the data over. The final step is an XFS_IOC_SWAPEXT operation to atomically replace the old file's data blocks with the new, defragmented version.

        It seems, however, that there are other interested users out there. Application developers would like a way to replace some or all of the contents of a file in an atomic and safe way — one which preferably does not leave the file corrupted if the system goes down partway through. Currently such tasks must be handled by creating a temporary file, populating it, and renaming it over the original; this works, but it is a multi-step affair that is hard to get right.

      • Graphics Stack

        • mesa 20.1.0-rc3
          Hi all,
          
          

          I'd like to announce the third release candidate for the 20.1 branch, Mesa 20.1.0-rc3.

          As always, please test it and report any issues you may find to https://gitlab.freedesktop.org/mesa/mesa/issues/new

          And to help us track issues and merge requests relevant to this branch, please add them to the 20.1.0 release milestone: https://gitlab.freedesktop.org/mesa/mesa/milestones/14

          There's a good amount of fixes here, but there are still open issues that we'll need to close before the final release, which is currently planned for the 27th.

          The next release candidate is scheduled for 7 days from now, on 2020-05-20.

          Eric
        • Mesa 20.1-RC3 Released With Another Week Worth Of Fixes Plus Intel Rocket Lake Support

          While already various changes are building up for Mesa 20.2, the Mesa 20.1 release process is still progressing with hopes of shipping this quarter's stable release later in the month.

          The third release candidate of Mesa 20.1 is out as of a few hours ago. Over the past week the fixes hitting the 20.1 tree have fixed an ACO issue, some minor Intel fixes, an R600 NIR compiler options fix for that experimental functionality, fixes for V3D, and other fixes.

    • Applications

      • 22 Best Free Linux Terminal Emulators (Updated 2020)

          Aterminal emulator is computer software which emulates a dumb video terminal within some other display architecture.

        The terminal window allows the user to access a console and all its applications such as command line interfaces (CLI) and text user interface software. Even with the sophistication of modern desktop environments packed with administrative tools, other utilities, and productivity software all sporting attractive graphical user interfaces, it remains the case that some tasks are still best undertaken with the command line.

        Modern desktop environments come supplied with a number of terminal emulators already installed. In the case of GNOME, KDE, and XFCE (three popular desktop environments), the user is offered GNOME Terminal, Konsole, and Terminal respectively as the default terminal emulator. However, this does not necessarily mean that the pre-selected terminal emulator is best suited for your own specific requirements or your hardware.

      • Cockpit Project: Cockpit 219

        Logs can now be filtered by keywords and free text. Keywords include units, time constraints, priority, and arbitrary journal fields. Dropdowns adjust the query string — so there’s no need to remember the most common journal keywords. Also, copying and pasting this query string across machines allows administrators to have a precise filtered view of logs.

        A pause button has been included next to the filters, to pause the streaming of logs. When toggled, it changes to a resume button, letting you quickly switch back to a stream of incoming journal entries.

    • Instructionals/Technical

    • Distributions

      • Reviews

        • Linuxfx 10 Review: A Windows-Like Linux Distro On Top Of Ubuntu 20.04

            After the release of Ubuntu 20.04 LTS, many of its derivatives such as Umix, Voyager, UbuntuDDE, and Pop!_OS came into the limelight by switching their base to the latest v20.04. But one of the distros that managed to grab my special attention was Linuxfx 10, which is also based on Ubuntu 20.04.

          I chose to review it because I believe Linuxfx has the closest pre-installed user interface to Microsoft’s Windows 10. You may have already guessed the reason — the Windows theme. Nonetheless, Linuxfx suits best for beginners who want to migrate to Linux but find it hard to work on Linux desktop like GNOME or KDE.

      • New Releases

        • Finnix 120 released... wait, what?

          That’s right: after a 5 year hiatus, Finnix — the LiveCD for system administrators and the oldest LiveCD in production — is back to celebrate its 20 year anniversary in 2020 with Finnix 120.

          Finnix 120 is a complete overhaul, with a number of major changes (as well as too many minor changes to enumerate).

        • Plamo 7.2 リリース

          従来同様、4.7Gのサイズに収まるようにDVD用は2枚組みです。他に USB メモリからインストールする用に DVD 2 枚分をまとめてひとつにした USB 用イメージがあります(_usb.iso)。

      • Screenshots/Screencasts

      • SUSE/OpenSUSE

        • Latest Research Shows How IT Leaders Are Daring to be Different

          I understand these needs and see it firsthand every day. For nearly 30 years, SUSE has helped our customers meet their digital transformation goals while showcasing the tangible business outcomes our innovation delivers through our secure, reliable, and cost-effective open source solutions. Built by our community of innovators – the power of many – SUSE enables our customers around the world to simplify, modernize, and accelerate their businesses so they can deliver on what matters most to their customers.

        • Why open source solutions are playing a more powerful role in enterprise IT

          From our perspective, we see open source not only as an increasingly powerful way for agencies to modernize their IT systems faster, but we also see the importance of helping customers capitalize on open source solutions based on what success means to them. With open source, you are not locked into a vendor, you have the ultimate flexibility to build your IT based on your needs. This is the value of open source, and with the powerful community of innovators, the power of many, open source innovations can help agencies start from where they are and get them to where they need to be.

      • Slackware Family

        • Cinnamon 4.6 Early Preview

          Few days ago i saw that Cinnamon 4.6.0 has been released on GitHub and as usual, developers will still release a couple more releases before they mark it stable, but i have made some changes to the SlackBuild scripts and push it to master branch for those who are eager to try the new Cinnamon 4.6.x series.

          I believe this version will be used in the next Linux Mint 20 which will be released in June, but i want Slackware-Current users to try this version first :)

      • IBM/Red Hat/Fedora

        • Ask Fedora Retrospective – 2019

          About a year ago, we officially moved the Ask Fedora user support web site to a new platform. The work started around February 2019. We archived the old Askbot instance and we moved to Discourse. This post looks back on the first year with the new site.

        • Getting Started With The Vagrant Libvirt Provider For Oracle Linux

          As recently announced by Sergio we now support the libvirt provider for our Oracle Linux Vagrant Boxes.

          The libvirt provider is a good alternative to the virtualbox one when you already use KVM on your host, as KVM and VirtualBox virtualization are mutually exclusive. It is also a good choice when running Vagrant on Oracle Cloud Infrastructure.

          This blog post will guide you through the simple steps needed to use these new boxes on your Oracle Linux host (Release 7 or 8).

      • Canonical/Ubuntu Family

        • Ubuntu Touch OTA-12 Released: A Mobile Version Of Ubuntu Linux
          Bports Foundation is the community that adopted both Unity 8 and Ubuntu Touch projects ditched by its creator Canonical. Since then, they’ve continued the development to bring privacy, freedom, and Ubuntu experience on mobile devices.

          Now, with the latest release of Ubuntu Touch OTA-12, they have reached a milestone of their largest release ever. This Over-The-Air-12 software update comes with a list of new features and changes for many Ubuntu Touch supported mobile devices. Let’s dive in to see what’s new with the OTA-12 major release.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • How to find new maintainers for your open source project

          If there's one thing you can say about open source software (OSS), it's that it quietly yet inarguably runs our world. Most of the internet is built on open source software, and, these days, millions of developers build and maintain hundreds of thousands of open source packages in more than 250 programming languages. If that's not enough, enterprise companies continue to grow their investments in open source in 2020.

        The more open source software permeates our everyday life, the more important it becomes to keep all these projects secure, compatible, and well-maintained.

      • Open source ERP systems for manufacturing

          Today's manufacturing challenges demand integrated systems. As current events in the world unfold, the manufacturing industry is seeing rapidly changing demand, falling capacity to meet demand, and supply bottlenecks that have become difficult to predict and manage. On top of all of this is the global economic downturn, which impacts many manufacturers and suppliers today and for the foreseeable future.

        Manufacturing output decreased by 0.4% in February 2020, following a 1% drop in the previous month. It marks the eighth straight month of annual declines in factory activity in the U.S. Also, according to the U.S. Bureau of Labor Statistics, over the last decade, the number of manufacturing jobs has steadily declined. In March 2020, average weekly hours fell by 0.3 hours for all manufacturing workers and by 0.3 hours for production employees. The skills gap is also widening in manufacturing and is expected to cause losses of $454 billion in manufacturing GDP by 2028.

      • SaaS/Back End/Databases

      • Productivity Software/LibreOffice/Calligra

        • The Next LibreOffice Version 7.0: All You Need to Know.

          SHARE The next major release of LibreOffice version 7.0 under heavy development at the moment and alpha1 is out. I have obtained some information about the potential features and updates from official sites, changelogs. Have a look.

          LibreOffice, the popular free and open-source office suite has come a long way from the initial OpenOffice days. It is now a default office suite for almost all Linux Distributions and being used heavily in Windows and Mac. With its popularity and user base increasing, developers are adding more features into LibreOffice so that users can experience a top tier free office suite.

          The current LibreOffice version is 6.4.x and there is no particular reason for bumping up the version to 7.0. However, LibreOffice 7.0 looks promising at the moment.

          LibreOffice version 7.0 is due in early August 2020. Here’s the release plan summary.

      • FSF

        • GNU Projects

          • Making Emacs popular again

            Stallman agreed with that sentiment. But he would also like to see Emacs return to popularity as an editor of text for publication. Several noted that Org mode is already being used successfully for text-publication purposes. That mode is not familiar to Stallman and he was unable to learn much about using it for word processing by reading the documentation. Zaretskii pointed out that there is a high barrier to learning Org mode from its documentation, at least for the word-processing use case.

            Once again, though, it seems quite unlikely that some putative, well-documented word-processing Emacs mode is likely to have users flocking to the editor. But Stallman said that the user profile for Emacs was much broader 30 years ago; he would like to see it be that way again. He personally does not see rounded corners as part of that, though he is not opposed to efforts in that direction; "[...] if you want to attract more users to Emacs, I think there are more important areas for improvement." Lu had some ideas along those lines, for example using starter kits (or packs) to help make the editor "more friendly to newcomers".

            There was a difference of opinion about making changes to the defaults, though, in order to help newcomers. If changes need to be made for the sake of newcomers, ndame said, established users can just turn them off. For example, Cua Mode, which adds the "standard" keybindings for things like cut and paste (i.e. ctrl-c, ctrl-x, ctrl-v) to Emacs, should be on by default; "it could make the life of new users easier if they didn't have to turn it on explicitly and they could use their copy/paste keys from the start like they are used it to in other tools".

          • TEMPEST Comes To GNU Radio

            As we use our computers, to watch YouTube videos of trucks hitting bridges, to have a Zoom call with our mothers, or even for some of us to write Hackaday articles, we’re unknowingly sharing a lot of what we are doing with the world. The RF emissions from our monitors, keyboards, and other peripherals can be harvested and reconstructed to give a third party a view into your work, and potentially have access to all your darkest secrets. It’s a technique with origins in Government agencies that would no doubt prefer to remain anonymous, but for a while now it has been available to all through the magic of software defined radio. Now it has reached the popular GNU Radio platform, with [Federico La Rocca]’s gr-tempest package.

      • Public Services/Government

        • Linux not Windows: Why Munich is shifting back from Microsoft to open source – again

          A number of smaller German towns and municipalities – Leonberg in the state of Baden-Württemberg and Treuchtlingen in Bavaria are notable examples – have also forged ahead in this area although admittedly it's easier to migrate 40 desktops than around 15,000, as Munich did.

          Sander notes that at their party conference in November last year, even Angela Merkel's normally conservative Christian Democratic (CDU) party set their sights on free software.

          For future digital projects, "procurement and support will be bound by the principles of open source and open standards. Publicly financed software should serve all citizens," the party's statement said, echoing the Free Software Foundation's own campaign.

          Of course, that's only a statement of political intent, the Foundation's Sander notes. But if the CDU remains in power, that could eventually become the official position of the whole German government.

          One current ministry, the Federal Ministry of the Interior, has already taken a similar line. It commissioned consultancy PwC to look into how Germany could achieve more digital sovereignty and become less dependent on vendors like Microsoft.

          One of the August 2019 study's recommendations was investing in more open-source software. While outlining various challenges, the analysts also said, "Ultimately, this option may conceivably lead to permanent independence from major vendors."

          It's worth noting that the politician in charge of that ministry is Horst Seehofer, a member of the same political party, the conservative Christian Social Union, as the former deputy mayor of Munich is, who is often perceived as one of the prime movers against the LiMux project there.

          So far, it's more words than deeds, the Fraunhofer Institute's Thapa concedes. As yet, none of the big players appears to have lost significant business to the free software movement in Germany. But it seems likely that commercial vendors will have a tougher time here in the near future.

          "I find it very exciting that Munich is back," Thapa concludes. "The door of opportunity is open again and maybe this time they will go all the way through."

      • Programming/Development

        • LLVM Lands Support For The Marvell ThunderX3

          Announced back in March were the Marvell ThunderX3 Arm server processors with up to 96 cores per SoC and support for 4-way SMT to yield up to 384 threads per socket. These 7nm Arm server processors also support eight channels of DDR4-3200 memory, 64 lanes of PCIe 4.0, and other competitive features for a 2020 server CPU. While we await to see how the ThunderX3 processors perform, the compiler support and other Linux software features are getting all buttoned up.

        • The Web Platform Tests project

          Working on Web browsers development is not an easy feat but if there’s something I’m personally very grateful for when it comes to collaborating with this kind of software projects, it is their testing infrastructure and the peace of mind that it provides me with when making changes on a daily basis.

          To help you understand the size of these projects, they involve tens of millions of lines of code (Chromium is ~25 million lines of code, followed closely by Firefox and WebKit) and around 200-300 new patches landing everyday. Try to imagine, for one second, how we could make changes if we didn’t have such testing infrastructure. It would basically be utter and complete chao​s and, more especially, it would mean extremely buggy Web browsers, broken implementations of the Web Platform and tens (hundreds?) of new bugs and crashes piling up every day… not a good thing at all for Web browsers, which are these days some of the most widely used applications (and not just ‘the thing you use to browse the Web’).

        • Norbert Preining: Switching from NVIDIA to AMD (including tensorflow)

          I have been using my Geforce 1060 extensively for deep learning, both with Python and R. But the always painful play with the closed source drivers and kernel updates, paired with the collapse of my computer’s PSU and/or GPU, I decided to finally do the switch to AMD graphic card and open source stack. And you know what, within half a day I had everything, including Tensorflow running. Yeah to Open Source!

        • The logging framework isn't a bottleneck, and other lies your laptop tells you

          Server have, on average, different needs. A Rails app that takes a network request and makes a database call may barely touch disk. A file server often cache files in buffer pools, serving them from RAM rather than disk.

          The default disk you get on GCP, regional persistent disks, will top out around 240MiB/s. That is one order of magnitude slower than the NVMe disk on your laptop.

          Your laptop will make you think your logging framework isn’t your primary bottleneck

        • OTP 23 Release

          Erlang/OTP 23 is a new major release with new features, improvements as well as a few incompatibilities.

        • Making the best of it: online learning and remote teaching
        • Python

          • Django 3.1 release notes - UNDER DEVELOPMENT€¶
          • Django 3.1 alpha 1 released

            Django 3.1 alpha 1 is now available. It represents the first stage in the 3.1 release cycle and is an opportunity for you to try out the changes coming in Django 3.1.

            Django 3.1 has a potpourri of new features which you can read about in the in-development 3.1 release notes.

          • Python 3.8.3

            The Python 3.8 series is the newest major release of the Python programming language, and it contains many new features and optimizations.

          • Python 3.8.3 is now available

            On behalf of the entire Python development community, and the currently serving Python release team in particular, I’m pleased to announce the release of Python 3.8.3, the third maintenance release of Python 3.8. You can find it here:

            https://www.python.org/downloads/release/python-383/

            It contains two months worth of bug fixes. Detailed information about all changes made in 3.8.3 can be found in its change log. Note that compared to 3.8.2, version 3.8.3 also contains the changes introduced in 3.8.3rc1.

            The Python 3.8 series is the newest feature release of the Python language, and it contains many new features and optimizations. See the “What’s New in Python 3.8” document for more information about features included in the 3.8 series.

          • How to Write Middleware using FastAPI

            For one of my project, I needed to host an API service on the RapidAPI platform. In order to make sure that all the requests to the application are routed via RapidAPI I needed to check special header sent by RapidAPI.

            RapidAPI forwards each valid request to the configured server, but injects additional header X-RapidAPI-Proxy-Secret. While a hacker may also send the same header, the value of this header will be only known to RapidAPI platform and your app.

            I deployed the server on heroku, and defined an environment variable PROXY_SECRET which I check against the one sent with the request.

            Sometimes I need to test the server directly, in which case I simply do not set this variable (like on my local machine) and this check is bypassed.

        • PHP

          • PHP showing its maturity in release 7.4

            This year PHP turned 25 and, as with all things, the hope is that with age comes wisdom and maturity. Often derided as a great way to write bad (and insecure) code, PHP is hard to ignore completely when it is used in nearly eight out of ten websites. With PHP 7.4.5 released in April, it's worthwhile to take a look at modern PHP, how it has evolved to address the criticisms of the past, and what lies ahead in its future.

            [...]

            In the early days of PHP, two repositories, PEAR and PECL, were created to catalog both reusable PHP code and non-bundled, C-based extensions, respectively. PECL continues to be a valuable collection with over 400 extensions, from authentication to data structures, however it has failed to become a widespread tool allowing PHP developers to use those extensions because they introduce system-level dependencies that are generally unavailable on cheaper hosting providers. PEAR, being pure PHP code, was more successful in adoption yet struggled to become the tool it was intended to be. Unfortunately code age and quality proved to be too big of a hurdle to overcome and, because of this, PEAR was officially disabled by default as of PHP 7.4.

          • [Red Hat/Fedora] PHP version 7.2.31, 7.3.18 and 7.4.6

            RPMs of PHP version 7.4.6 are available in remi repository for Fedora 32 and remi-php74 repository for Fedora 30-31 and Enterprise Linux ≥ 7 (RHEL, CentOS).

            RPMs of PHP version 7.3.18 are available in remi repository for Fedora 30-31 and remi-php73 repository for Enterprise Linux ≥ 6 (RHEL, CentOS).

            RPMs of PHP version 7.2.31 are available in remi-php72 repository for Enterprise Linux ≥ 6 (RHEL, CentOS).

        • Java

          • JEP 380: Unix-domain socket channels

            Another day, another JEP. The goal of JEP 380 is to introduce support for Unix-domain socket features that are common to the major Unix platforms and Windows. This will be achieved by adding a handful of API elements. Let’s take a closer look.

            A new JDK Enhancement Proposal (JEP) has been put forward by Michael McMahon to add Unix-domain socket support to two APIs in the java.nio.channels package; the socket channel and server-socket channel. JEP 380 also aims to extend the inherited channel mechanism to support Unix-domain socket channels and server socket channels.

  • Leftovers

    • On Asparagus and Bombers

      In late spring an age-old tradition places asparagus – the white kind preferred here – at the very top of German menus. But only until St. John’s Day, June 24th (the summer solstice). After that date farmers stop harvesting – to give plants at least 100 days to convalesce for the next year before the first frosts arrive (if frosts do arrive this year!).

    • Health/Nutrition

      • Discouragement Gap in College Dreams Brings Civil Rights Value to Real COVID-19 Relief

        Assaults on Civil Rights can be loud, with microphones or guns, but the effects of structural racism are often hushed, in the silence of dreams deferred. Whether we hear it or not, the Civil Rights rollback of 2020 is well underway.

      • We Need a Centralized Medical System Too

        The coronavirus pandemic has laid bare two fundamental flaws in the American healthcare system.

      • Who's in a Catch-22?

        The pandemic has put President Trump and his beloved market in a Catch-22 situation, one that not all of us are in.

      • “Making It Up As They Go Along:” Boris Johnson and COVID-19

        As I write (the weekend of 9-10 May), the UK’s death toll from the COVID-19 pandemic has reached 31,855. The UK, unlike the US, has started counting deaths in care homes.

      • The HEROES Act Is a Vital Step Toward Ending COVID, So of Course It Is Doomed

        There are two ways the COVID-19 story ends for the United States.

      • Republicans Can't Seem to Make Up Their Minds About Mail and Voting

        One laudable side effect of the COVID-19 panic is a nationwide effort to promote “vote by mail” as a universal alternative to standing in line at polling places. One reason that effort is laudable is that it would likely decrease vote fraud.

      • Virologist Luis Villarreal: “Leery” of COVID-19 Models, Vaccine Possible Year’s End

        Somewhat exasperated by the Covid-19 models publicly showcased over the last two months, I decided to ring up virologist Luis Villarreal for his perspective. Luis Villarreal is founding director of University of California, Irvine’s Center for Virus Research and UCI Professor Emeritus, Molecular Biology and Biochemistry.

      • Michigan Anti-Lockdown Protesters Spread COVID-19 to Rural Areas

        Some protesters who descended on the Michigan state capitol to demand the state reopen the economy in spite of the ongoing coronavirus pandemic have spread infections in rural areas where they live, Gov. Gretchen Whitmer told Vice President Mike Pence in a recorded phone conversation obtained by ABC News.

      • The Real Reason Trump Wants to Reopen the Economy

        He’s trying to force the economy to reopen to boost his electoral chances, and he’s selling out Americans’ health to seal the deal. No matter the cost, Donald Trump’s chief concern is and will always be himself.

      • 'Reopening' Means Workers Will Die

        The wealthy may be fine with sacrificing the vulnerable, but workers are fighting for the sanctity of human life.

      • Patriotic Vaccines: The Divided Coronavirus Cause

        When it comes to the politics of medicine and disease, the United States has always attempted to steal the limelight, while adding the now faded colouring of universal human welfare. In 1965, Washington pledged financial and technical support to the international effort to eradicate smallpox, though the initiative had initially been spurred by the Soviet Union at the behest of virologist and deputy health minister Victor Zhdanov in 1958. At that point in time, the World Health Organisation was not so much a punch bag as vehicle for US foreign policy, to be cultivated rather than rebuked.

      • To Re-Open Safely We Need a "Health Force" of Disease Detectives

        In the long run such a workforce could help address the long-standing shortage of primary care in the United States—including community-based programming to assist families with preventive health, nutrition, exercise, chronic diseases and mental health needs.

      • Facing Down Bigotry—and a Pandemic

        Against harassment and bigotry, Asian-American officials are finding ways to care for their communities through this crisis.

      • Trump’s “Lightning Fast” COVID-19 Test May Be Seriously Flawed, New Study Shows

        President Donald Trump has frequently bragged about the amount of testing being conducted across the United States in response to COVID-19 — but a recent study from New York University suggests that the testing going on within the White House itself is faulty.

      • Trump Pressures CDC to Lower COVID Death Count by Changing Calculation Method

        President Donald Trump has privately expressed doubts about the coronavirus death toll in the United States, telling aides he believes the number is too high and overcounted.

      • ‘We are the infection’s main carriers’ Response workers outside Moscow describe the lack of PPE and coronavirus testing, which is forcing local patients to wait more than 24 hours for emergency assistance

        On the morning of May 10, the inter-regional medical workers’ union “Deystvie” (“Action”), reported that employees of the Moscow Regional Ambulance Station had been complaining to their organization about a lack of PPE since April. The union emphasized that some emergency response workers had already fallen ill and that there had even been fatalities. According to the “Memory List,” a document compiled by Russian doctors to commemorate medical workers who have died during the coronavirus pandemic, at least three employees of the Moscow Regional Ambulance Station have died so far.€ 

      • The spread of coronavirus is slowing in Russia, but there are still more than 10,000 new diagnoses every day

        On the morning of May 13, Russian officials announced that the country recorded 10,028 new coronavirus infections in the past day (up 4.3 percent from the day before) bringing the nation’s total number of confirmed COVID-19 cases to 242,271 patients. The only country in the world with more registered coronavirus patients is the United States, where nearly 1.4 million people have tested positive for the disease.

      • Without A Vaccine, Herd Immunity Won’t Save Us

        Most people understand immunity to mean that once a person has been exposed to a disease, they can’t get it again. It’s an easy concept to grasp, and some people have hoped that widespread immunity could be the way out of this pandemic: If enough of the population becomes immune to the disease, the spread would be stopped, since the virus would run out of new, susceptible targets. The “herd” of immune people would protect everyone.

        But getting to herd immunity without a vaccine isn’t as simple as the idea itself. A number of variables can affect when herd immunity is reached — and what it costs to get there — and they vary depending on the disease. How infectious is the disease? How deadly is it? And how long do people stay immune once they’ve gotten it? Adjusting any of these variables can drastically change the outcome of this equation. You can probably sense where this is heading …

        We’ve built a very simplified version of how those variables interact. (You’ll see just how simple in the methodology beneath the simulator.) To be clear, this is not about COVID-19 itself — instead, our calculator shows how a theoretical disease we’re calling Fictionitis would play out in a population that has never encountered it before and does nothing to try to stop it.

        You’ll notice that each variable plays a role in setting a herd immunity threshold and reaching it.

      • Religious superstitions and the coronavirus pandemic

        Radical clerics also see the mysterious outbreak of the coronavirus as an opportunity to grow their religious hold on their followers by stoking fear. People are bullied into taking refuge from insufferable disasters in religion by adapting discriminatory but religiously endorsed behaviour.

      • China’s Disinformation Effort Targets Virus, Researcher Says

        An army of bot accounts linked to an alleged Chinese government-backed propaganda campaign is spreading disinformation on social media about coronavirus and other topics, including an exiled businessman, according to a London-based researcher.

        The accounts have been used to promote content attacking critics of the Chinese government and to spread conspiracy theories blaming the U.S. for the origins of virus, according to Benjamin Strick, who specializes in analyzing information operations on social media websites.

        Between April 25 and May 3, Strick said he identified more than 1,000 accounts on Twitter that were associated with the Chinese disinformation effort, as well as more than 50 different pages on Facebook. He estimated that 300 or 400 new Twitter accounts were joining the network each day, as part of the Chinese campaign.

      • "How is that based in science?": Fox hosts without medical backgrounds question top disease expert

        Carlson, who like his Fox News colleagues is a political commentator with no medical background, questioned the science behind Fauci's testimony earlier in the day before a panel of top U.S. senators.

    • Integrity/Availability

      • Proprietary

        • Texas Says Court System Was Subject to Ransomware Attack [iophk: Windows TCO]

          The state said the attack was discovered Friday and that it’s not going to paying ransom. The Office of Court Administration said that filings and research are still available and there was no indication any personal information was compromised.The “branch network” was disabled, including websites and servers, in response to the attack.

        • Texas high courts hit by ransomware attack, refuse to pay [iophk: social control media in place of real infrastructure :( ]

          He said the courts' separate document filings system remains operational, the courts are working to ensure lawyers and the public can access court records through other means and that the courts are still granting motions for extensions on deadlines.

          “We're trying to use everything available to us to keep access to the courts so we're using Twitter and social media,” Hawthorne said.

        • Texas court IT hit by ransomware [iophk: Windows TCO]

          It noted that because of the ongoing nature of the investigation, remediation and recovery, OCA will not comment further until additional information is available for public release.

        • Ransomware attack targeted Texas state court system [iophk: Windows TCO]

          Officials have not said when the system will be back online, but they have set up a temporary website and are working with law enforcement and the Texas Department of Information Resources to investigate the attack.

          The [attack] comes less than a year after nearly two dozen local governments in Texas were hit by a similar coordinated attack.

        • Security

          • Sysadmin security: 8 Linux lockdown controls

              Security is a perennial topic of interest for sysadmins. And securing new systems always presents a challenge because there really are no set standards for doing so. I'm pulling this article's list of security measures and controls from a variety of sources, including personal experience, DISA STIGs, and recommendations from other system administrators and security folks. While these security measures are good, they're only a first step toward better system security. These eight system controls are in no particular order of importance.

          • ZDNet, Linux and Huawei can prove to be quite an explosive mix

            When American tech journalists see the words "vulnerability" and "Huawei" in close proximity these days, they tend to get over-excited and, as a result, produce copy that goes quite wonky.

            A classic example of this was seen this week when the site, ZDNet, one of the tech powerhouses, reported on a patch submitted to the Linux kernel project by someone who called Huawei Kernel Self Protection.

            The patch was found to have some trivial flaws by the maker of the Grsecurity kernel patch, Brad Spengler – a man who loves publicity and knows that picking a hole in a patch put out by someone who was seemingly associated with Huawei would generate interest among the US press.

            He was right. But it's a pity that ZDNet did not take some time to check its facts, with its security writer Catalin Cimpanu theorising that this patch had "sparked interest in the Linux community as (sic) could signal Huawei's wish to possibly contribute to the official kernel".

            Cimpanu has a history of screwing up when it comes to Linux. Huawei has been a contributor to the Linux kernel for quite a few years now. As one commenter on the US news aggregation site Slashdot pointed out, in 2017, Huawei was 15th in the list for top companies contributing to the Linux kernel, 4.8– 4.13, and third (after Intel and Google) in in the list of companies bringing in the most new developers.

            Again, there are numerous people in numerous companies who make contributions to the Linux kernel on their own time; all patches are scrutinised by Linux creator Linus Torvalds, or one of his trusted lieutenants, before they are finally merged.

            Hence, the excitement over some flaws in a patch is not really understandable.

          • Privacy/Surveillance

            • One Vote Short: FISA Amendment Requiring Warrants For Browser & Search Data Fails

              As noted yesterday, Congress this week is considering a new bill (the USA FREEDOM Reauthorization Act of 2020) that would not only renew already widely abused and heavily criticized FISA (Federal Intelligence Surveillance Act) powers, but extend the law to include warrantless access to American browsing and search data, a longstanding goal of the "there's no such thing as too much domestic surveillance" set. Given the well documented problems with the existing system, there's a large bipartisan coalition that believes this is, well, idiotic.

            • Congress plans to expand Patriot Act with DOJ access to your web browsing and search activity without a warrant

              The infamous Patriot Act, which uses the threat of terrorism to expand surveillance over American citizens, is up for renewal under the USA FREEDOM Reauthorization Act – which is set to be voted on soon. Specifically, Section 215 of the Patriot Act allows the government to ask record keepers for records relating to ongoing investigations. As if the original phone metadata siphoning provisions of the Patriot Act aren’t enough, Senator Mitch McConnell (R-KY) has introduced an amendment which would allow the Department of Justice (DOJ) to have access to anybody’s web browsing and search history under Section 215.

            • Here's how China has made mass surveillance a "killer application" for AI: will the US do the same?

              It’s increasingly evident that the coronavirus pandemic will cause a radical re-shaping of many aspects of society, not least in the world of privacy. Many people are trying to discern the shape of that new world in the current evolving situation. An interesting analysis from Naomi Klein picks up on many themes that have appeared on this blog:

            • COVID-19 and the Normalization of Mass Surveillance

              In the past few months, governments ranging from Australia to the United Kingdom and corporations as influential as Google and Apple have pushed the idea that cellphone tracking can be used to effectively fight COVID-19. There was even an essay here at Quillette, arguing that a mandatory phone tracking app would save lives while also saving jobs as a policy alternative to economic lockdown. Unfortunately, the idea that phone apps should be popularized or even mandated to fight outbreaks is techno-utopian, based on optimism rather than evidence. The real impact of such an approach on society wouldn’t be better immunity, but rather the acceptance and creeping growth of an even more powerful and omniscient global surveillance state.

            • Senate rejects tougher standards for collection of search and browsing data

              The US Senate voted down an amendment to the USA Patriot Act on Wednesday that would create a tougher standard for government investigators to collect the web search and browsing histories of people in the states. The bipartisan amendment, proposed by Sen. Ron Wyden of Oregon, a Democrat, and Sen. Steve Daines of Montana, a Republican, would've required the Department of Justice to show probable cause when requesting approval from the Foreign Intelligence Surveillance Court to collect the data for counterterrorism or counterintelligence investigations.

    • Defence/Aggression

    • Transparency/Investigative Reporting

      • Court Upholds Public Right of Access to Court Documents

        A core part of EFF’s mission is transparency and access to information, because we know that in a nation bound by the rule of law, the public must have the ability to know the law and how it is being applied. That’s why the default rule is that the public must have full access to court records—even if those records contain unsavory details. Any departure from that rule must be narrow and well-justified.

        But litigants and judges aren’t always rigorous in upholding that principle. For example, when Brian Fargo sued Jennifer Tejas for allegedly defamatory Instagram posts, he asked that the court seal portions of his filings that contained those posts, references to other people and private medical information. The court granted Fargo’s request, with little explanation or apparent care.

    • Environment

    • Finance

    • AstroTurf/Lobbying/Politics

    • Censorship/Free Speech

    • Freedom of Information/Freedom of the Press

      • Journalism Cannot Be a Covid-19 Casualty

        Journalism cannot survive, and certainly not thrive, without resources. And those resources are not coming from a “free market” that has stalled out. There has to be a federal fix, and that means that Congress must include muscular support for journalism in stimulus measures.

        “Local media is a critical source of news and information for communities, holds our government accountable, and plays an important role in our civic engagement,” argues former member of the Federal Communications Commission Michael Copps, who now counsels Common Cause on media issues. “But the health crisis our nation faces combined with the long-term decline in local news has left many communities without adequate sources of trustworthy news on the pandemic and has created a void in civic information. Congress must act now to ensure local news is adequately funded in order to meet the information needs of communities.”

    • Civil Rights

    • Internet Policy/Net Neutrality

      • US Press Continues To Help Prop Up Bullshit 5G Conspiracy Theories

        On one hand, we have wireless companies trying to insist that 5G is some type of cancer-curing miracle (it's not). On the other hand, we have oodles of conspiracy theorists, celebrities, and various grifters trying to claim 5G is some kind of rampant health menace (it's not). In reality, 5G's not actually interesting enough to warrant either position, but you'd hardly know this reading the US and UK press.

      • Why Are Email Files so Large?

        The average size of an email file is about 75 KB. That's around 7,000 words in plain text or about 37.5 pages. Unless you or your correspondents happen to be composing novel chapters in email messages, it's other behind-the-scenes factors that make these files so large.

        [...]

        However, if you're in business and you market your products by sending promotional emails, large emails take longer to load and require more bandwidth. Therefore, if you include large graphics, your email may be deleted before the graphics render. That timeframe may be a matter of seconds, but billions of emails are sent each day, so your marketing efforts have a lot of competition.

        Some email clients won't display a lengthy email. For example, Gmail clips emails that are larger than 102 KB. It supplies readers a link if they want to view the complete email, but there's no guarantee your recipient will be willing to click it.

        Large attachments and custom fonts are other add-ons that can make an email render slowly. It could be long enough for the recipient to click away

      • A brief history of IRC

        In the early days before the [Internet] there were local bulletin board systems (BBS) that you could dial into with a dumb terminal. They were servers with a bank of modems and everyone could chat in “teleconference”. Teleconference had channels in it so you could form one or more private chats with multiple users. Then the [Internet] started becoming accessible so the first IRC server was written. It was the teleconference of the [Internet].

      • [Old] How to Get Started with IRC (Internet Relay Chat)

        IRC (Internet Relay Chat) is an Internet protocol which allows people to communicate with each other in real time in a text based environment, see Wikipedia. However, it can be hard to get into and grasp..

    • Monopolies

      • Amid Growing Antitrust Concerns, Facebook Goes 'Faceless' in DC With New Lobby Group

        "No surprise—it's fighting back as lawmakers conduct an antitrust probe and are realizing what happens when we leave tech monopolies unchecked."€ 

      • Trump Administration Won’t Guarantee Universal Access to COVID-19 Vaccine

        Despite hundreds of millions of taxpayer dollars flowing to private drug companies for vaccine development, top health officials coordinating the Trump administration’s COVID-19 response indicated to Congress on Wednesday that they cannot guarantee universal access to vaccines for the highly contagious disease once they are developed.

      • Bernie Sanders Calls for Guarantee That Covid-19 Vaccine Be Free to All

        Assuring all Americans have access to a vaccine is both "the moral thing to do" and "good public health policy," said the Vermont senator.

      • As Facebook Agrees To Pay $52 Million In PTSD Payments To Moderators, Why Are Some Demanding More Human Moderators?

        There's been plenty of talk these days about content moderation, and how different platforms should moderate their content, but much less attention has been paid to the people who do the actual moderation. Last year, we highlighted an amazing story by Casey Newton at The Verge detailing just what a horrible job it is for many people -- in which they are constantly bombarded with the worst of the internet. Indeed, some of his reporting helped spur on a labor dispute that just ended (reported, again, by Newton) with Facebook agreeing to pay out $52 million to content moderators who developed mental health issues on the job.

      • Twitter strictly cracking down on COVID-19 misinformation

        The company is supposedly launching this digital crackdown as soon as possible and will even likely extend to older posts. Sources note that it will not explicitly tag these tweets as hoaxes. Twitter global senior strategist for public policy Nick Pickles explains: "People don't want us to play the role of deciding for them what's true and what's not true but they do want people to play a much stronger role providing context."

      • Trademarks

        • National Geographic Defeats Trademark Suit Over 'Wild America' and 'Untamed Americas' Claim

          There is always tension between the First Amendment and trademark law, but it's a tension that is usually dissolved by trademark's primary aims to keep the public well informed as to the source and affiliations of goods and services. Still, it shouldn't be lost on anyone that the law at its heart is chiefly about what a business or commercial interest can name/say about itself. And, while the law carves out space in speech for identifying branding and language, the First Amendment doesn't entirely disappear in such commercial squabbles just because someone shouts trademark at it.

      • Copyrights

        • An Update on the (Revised) CC Global Summit

          In March, after officially canceling the in-person CC Summit, we began this revisioning process by gathering insightful feedback from members of the CC Global Network and working with the Program Committee. Committee members have proven invaluable during this process and we’re grateful for their hard work, vision, and flexibility. Although there are still many things we need to figure out, I’m excited to provide a brief update on what we have so far, and what we’re working on.€ 

        • Takedown Notices From Netflix are Skyrocketing, But Are They Legit?

          Netflix has just sent over half a million takedown requests to Google in one week. This is up from an average of about 20,000 earlier this year. The notices mostly appear to target French pirate streaming sites. The surge in takedown notices could be part of an anti-piracy campaign but it's also possible that something more nefarious is going on.

        • Movie & TV Giants Obtain Court Injunction to Shut Down Nitro TV

          A coalition of entertainment companies headed up by Universal, Paramount, Columbia, Disney and Amazon has obtained an injunction to shut down 'pirate' IPTV service Nitro TV. A court in California has ordered all individuals acting in concert or participation with the service to stop infringing the companies' copyrights, including by disabling its domains.

        • Copyright Troll Richard Liebowitz Has Two Separate Courts Sanction Him For His Ongoing Copyright Trolling Failures

          It's worth pointing out just how difficult it is to get a judge to issue sanctions against a lawyer behaving badly. We cover many, many, many cases involving lawyers behaving really badly, and over and over again we see judges refuse to issue sanctions against those lawyers. Judges give lawyers the benefit of the doubt over and over again. That's one reason why it's so incredible that terrible lawyer and copyright troll Richard Liebowitz keeps getting smacked down by courts for truly egregious behavior.



Comments

Recent Techrights' Posts

On Groupthink, Mindless 'Sheep', and Toxic Online Cults
This week, treat yourself to a life free of social control media
BetaNews is Run and Written by Bots That Make Clickbait
At least one author is doing this
 
[Meme] Trying to Terrorise Critics
How Microsofters roll...
Illegitimi Non Carborundum
If you try to suppress our publication, we'll not just bark back but also bite
Why This Site Became "Simple" a Year Ago
Light is good, heavy is bad
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, November 25, 2024
IRC logs for Monday, November 25, 2024
Links 26/11/2024: International Microsoft Outages, Microsoft Mass Layoffs Bigger Than Reported Last Friday
Links for the day, Deutsche Welle and CBC focus
Gemini Links 26/11/2024: Not Pagan, Emacs Wiki, and More
Links for the day
Links 25/11/2024: Egypt Harasses Bloggers, The University of Michigan Has Become Like a Corporation
Links for the day
Links 25/11/2024: Climate News, Daniel Pocock Receives a Fake/Fraudulent €17,000 Electricity Bill
Links for the day
[Meme] Microsoft: Our "Hey Hi" Hype is Going So Well That We Have MASS Layoffs Every Month. Makes Sense?
Contradiction
Latest Mass Layoffs at Microsoft Are Confirmed, Bing and Vista 11 Losing Market Share
They tried to hide this. They misuse NDAs.
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, November 24, 2024
IRC logs for Sunday, November 24, 2024
Gemini Links 25/11/2024: Purity and Cory Doctorow's Ulysses Pact, Smolnet Portal and SGI
Links for the day
Technology: rights or responsibilities? - Part VIII
By Dr. Andy Farnell
GNU/Linux Reaches All-Time High in Europe (at 6%)
many in Europe chose to explore something else, something freedom-respecting
Patents Against Energy Sources That Reduce Pollution
this EV space (not just charging) is a patent mine field and it has long been that way
DARPA’s Information Innovation Office, Howard Shrobe, Values Compartmentalisation But Loses the Opportunity to Promote GNU/Linux and BSDs
All in all, he misses an opportunity
Wayland is an Alternative to X
the alternative to X (as in Twitter) isn't social control media but something like IRC
BetaNews, Desperate for Clicks, is Pushing Donald Trump Spam Created by LLMs (Slop)
Big clap to Brian Fagioli for stuffing a "tech" site with Trump spam (not the first time he uses LLMs to do this)
[Meme] Social Control Media Bliss
"My tree is bigger than yours"
Links 24/11/2024: More IMF Bailouts and Net Client Freedom
Links for the day
Gemini Links 24/11/2024: Being a Student and Digital Downsizing
Links for the day
Techrights' Statement on Code of Censorship (CoC) and Kent Overstreet: This Was the Real Purpose of Censorship Agreements All Along
Bombing people is OK (if you sponsor the key organisations), opposing bombings is not (a CoC in a nutshell)
[Meme] The Most Liberal Company
"Insurrection? What insurrection?"
apple.com Traffic Down Over 7%, Says One Spyware Firm; Apple's Liabilities Increased Over 6% to $308,030,000,000
Apple is also about 120 billion dollars in debt
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, November 23, 2024
IRC logs for Saturday, November 23, 2024
[Meme] GAFAMfox
Mozilla Firefox in a state of extreme distress
Google Can Kill Mozilla Any Time It Wants
That gives Google far too much power over its rival... There are already many sites that refuse to work with Firefox or explicitly say Firefox isn't supported
Free (as in Freedom) Software Helps Tackle the Software Liability Issue, It Lets Users Exercise Greater Control Over Programs
Microsofters have been trying to ban or exclude Free software
In the US, Patent Laws Are Up for Sale
This problem is a lot bigger than just patents
ESET Finds Rootkits, Does Not Explain How They Get Installed, Media Says It Means "Previously Unknown Linux Backdoors" (Useful Distraction From CALEA and CALEA2)
FUD watch
Techdirt Loses Its Objectivity in Pursuit of Money
The more concerning aspects are coverage of GAFAM and Microsoft in particular